﻿using Microsoft.IdentityModel.Tokens;
using System.Text;

namespace CoreCms.Net.Identity.TokenUtils
{
    public class TokenUtils
    {
        public static SymmetricSecurityKey GenerateSymmetricSecurityKey(string secret)
        {
            var keyByteArray = Encoding.ASCII.GetBytes(secret);
            return new SymmetricSecurityKey(keyByteArray);
        }

        public static TokenValidationParameters GenerateTokenValidationParameters(
            SymmetricSecurityKey signingKey,
            string issuer,
            string audience)
        {
            // 令牌验证参数
            var tokenValidationParameters = new TokenValidationParameters
            {
                ValidateIssuerSigningKey = true,   //是否验证SecurityKey
                IssuerSigningKey = signingKey,  //拿到SecurityKey
                ValidateIssuer = true, //是否验证Issuer
                ValidIssuer = issuer,//发行人 //Issuer，这两项和前面签发jwt的设置一致
                ValidateAudience = true, //是否验证Audience
                ValidAudience = audience,//订阅人
                ValidateLifetime = true,//是否验证失效时间
                ClockSkew = TimeSpan.Zero,
                RequireExpirationTime = true,
            };
            return tokenValidationParameters;
        }
    }
}